BOF2326 Open Source Identity and Access Management Expert Panel Part IV

October 27, 2015

JavaOne

San Francisco

Session Objectives

Learn about Open Source IAM products.

Share ideas on what needs to be done in the future.

Ask the experts questions about Open Source IAM product usage.

JavaOne, San Francisco 2015 2

Moderator

Shawn McKinney

• Systems Architect

• PMC Apache Directory Project

• Engineering Team

Panelists

• Igor Farinic, Senior Software Engineer, Cofounder, Evolveum

• Les Hazlewood, Cofounder and CTO, Stormpath

• Misagh Moayyed, Software Engineer, Unicon, Inc

• Bill Thompson, Director, Digital Infrastructure, Lafayette College

Les Hazlewood, CTO

Successful Adoption

• OSS = GitHub = Tools & Collaboration

• Super clean REST & SDK APIs

• Coarse Grained APIs (use case scalability)

• Integrations, integrations, integrations!

• Documentation is more important than almost anything else

THANK YOU

100% Open source solution

Identity and access management

Open Source Identity Ecosystem

Ecosystem

• Cooperation instead of domination

– Cooperative marketing, R&D support

– Partners add value

• Cloud, integrated solutions, managed services, extensions, plugins, connectors, ...

• Pure open source model

– Contributions are welcome

• Distributed development

– Code created by several development teams

Resources

• Identity ecosystem home page

– http://www.identity-ecosystem.org

• Identity ecosystem Google Group

– https://groups.google.com/forum/#%21forum/identity-ecosystem

Thank you for your attention

igor.farinic@evolveum.com

Bill Thompson

• Rutgers, Princeton

• CAS PMC, CAS 3.x Architecture

• Unicon IAM Practice Director

• Lafayette College, Director Digital Infrastructure

Lafayette College IAM

• OpenLdap

• CAS

• Shibboleth

• Grouper

• PCC

• Sponsored accounts, self-service, provisioning, mfa,…

U.S. Higher Education & Research

• FIFER -> OSIaM4HE -> CIFER -> TIER

• Trusted Identities in Education & Research

• Grouper, Shibboleth, COmanage

• TIER APIs

• Coordinated effort on policy, process, capabilities

Misagh Moayyed

• Unicon, IAM Architect

• CAS, Shibboleth, Grouper Committer

• TIER Developer

Recent Trends in IAM

• Dynamic configuration

– Focus on deployer; not the developer

• MFA, HA, Risk-based AuthN

• Enterprise AuthZ Strategy; RBAC

• IAM Console; Person Registry

Q&A

Related Sessions

• CON3568 - Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPIC

– October 27, 11:00 am - 12:00 pm | Hilton—Plaza Room B

• CON2324 – A Practical Guide to Role Engineering

– October 27, 2:30 p.m. | Hilton—Plaza Room B

• CON2323 - The Anatomy of a Secure Web Application Using Java Redux

– October 28, 3:00 pm - 4:00 pm | Hilton—Plaza Room A

• CON2325 - RBAC-Enable Your Java Web Applications with Apache Directory Fortress

– October 29, 1:00 pm - 2:00 pm | Hilton—Plaza Room A